UN*X filesystem && bezpecnost

[Matus Uhlar]

Libor Pechacek <farco na www.clnet.cz> wrote:
-> When Apache starts, it opens the log files as the user who started the
-> server before switching to the user defined in the User directive. Anyone
-> who has write permission for the directory where any log files are being
-> written to can append pseudo-arbitrary data to any file on the system
-> which is writable to the user who starts Apache. Since the server is
-> normally started by root, you should NOT give anyone write permission to
-> the directory where logs are stored unless you want them to have root
-> access.

-> Nemam zadny napad, jak to muze fungovat.  Tim, ze si vytvorim soubor v
-> adresari, nebo tam nejaky znicim (odlinkuju), nemuzu spachat to, co je v
-> predchozim textu popsano.

vytvorite v tom adresari symbolicku linku niekam s menom toho log suboru.
a ked ho potom apache otvori...

-- 
 Matus "fantomas" Uhlar, network manager at NETLAB+ Kosice, Slovakia